On the anatomy of social engineering attacks-A literature-based dissection of successful attacks
作者: Jan-Willem Hendrik Bullée , Lorena Montoya , Wolter Pieters , Marianne Junger , Pieter Hartel
DOI: 10.1002/JIP.1482
关键词:
摘要: The aim of this study was to explore the extent which persuasion principles are used in successful social engineering attacks. Seventy-four scenarios were extracted from 4 books on (written by engineers) and analysed. Each scenario split into attack steps, containing single interactions between offender target. For each step, identified. main findings that (a) often attacks, (b) authority (1 6 principles) is considerably more than others, (c) single-principle steps occur multiple-principle ones. engineers identified compared other influences. analysis illustrates how exploit human element security. support view security mechanisms should include not only technical but also countermeasures.
utwente.nl
tudelft.nl参考文章(56)
Stanley Milgram, BEHAVIORAL STUDY OF OBEDIENCE. The Journal of Abnormal and Social Psychology. ,vol. 67, pp. 371- 378 ,(1963) , 10.1037/H0040525
Bin Zhao, Fernando Olivera, Error Reporting in Organizations Academy of Management Review. ,vol. 31, pp. 1012- 1030 ,(2006) , 10.5465/AMR.2006.22528167
Lisa Tompson, Spencer Chainey, Profiling Illegal Waste Activity: Using Crime Scripts as a Data Collection and Analytical Strategy European Journal on Criminal Policy and Research. ,vol. 17, pp. 179- 201 ,(2011) , 10.1007/S10610-011-9146-Y
Thomas Blass, The Milgram Paradigm After 35 Years: Some Things We Now Know About Obedience to Authority1 Journal of Applied Social Psychology. ,vol. 29, pp. 955- 978 ,(1999) , 10.1111/J.1559-1816.1999.TB00134.X
Mark Chan, Irene Woon, Atreyi Kankanhalli, Perceptions of Information Security in the Workplace: Linking Information Security Climate to Compliant Behavior Journal of Information Privacy and Security. ,vol. 1, pp. 18- 41 ,(2005) , 10.1080/15536548.2005.10855772
Daniel J. O'Keefe, Scott L. Hale, An odds–ratio–based meta–analysis of research on the door–in–the–face influence strategy Communication Reports. ,vol. 14, pp. 31- 38 ,(2001) , 10.1080/08934210109367734
Beth E. Meyerowitz, Shelly Chaiken, The effect of message framing on breast self-examination attitudes, intentions, and behavior. Journal of Personality and Social Psychology. ,vol. 52, pp. 500- 510 ,(1987) , 10.1037//0022-3514.52.3.500
Hyeun-Suk Rhee, Cheongtag Kim, Young U. Ryu, Self-efficacy in information security: Its influence on end users' information security practice behavior Computers & Security. ,vol. 28, pp. 816- 826 ,(2009) , 10.1016/J.COSE.2009.05.008
CHARLES K. HOFLING, EVELINE BROTZMAN, SARAH DALRYMPLE, NANCY GRAVES, CHESTER M. PIERCE, An experimental study in nurse-physician relationships. Journal of Nervous and Mental Disease. ,vol. 143, pp. 171- 180 ,(1966) , 10.1097/00005053-196608000-00008
Sarah Tanford, Steven Penrod, Social Influence Model: A formal integration of research on majority and minority influence processes. Psychological Bulletin. ,vol. 95, pp. 189- 225 ,(1984) , 10.1037/0033-2909.95.2.189